banner grabbing (not fully implemented, works with native verbose ports only)
IAC negotiation for telnet
reverse dns
geolocation information
stdout or json output
optional progress details (event based)
Changelog
v1.7.5 – 2019/01/23
switch to MIT licence
v1.7.4 – 2019/01/23
fix #57
v1.7.3 – 2019/01/23
maintenance: update npm packages
fix geoip test
ci tests should accept nodejs v10 and v11
v1.7.2 – 2019/01/23 (broken tests, see 1.7.3)
don’t destroy a non-existing socket, fix #58
Install
npm install -g evilscan
Use
in your code, using events only
var evilscan = require('evilscan');

var options = {
    target: '127.0.0.1',
    port: '21-23',
    status: 'TROU', // Timeout, Refused, Open, Unreachable
    banner: true
};

var scanner = new evilscan(options);

scanner.on('result', function(data) {
    // fired when item is matching options
    console.log(data);
});

scanner.on('error', function(err) {
    // rethrow the error passed to the handler
    throw new Error(err.toString());
});

scanner.on('done', function() {
    // finished !
});

scanner.run();
in your code, using callback and events
var evilscan = require('evilscan');

var options = {
    target: '127.0.0.1',
    port: '21-23',
    status: 'TROU', // Timeout, Refused, Open, Unreachable
    banner: true
};

new evilscan(options, function(err, scan) {

    if (err) {
        console.log(err);
        return;
    }

    scan.on('result', function(data) {
        // fired when item is matching options
        console.log(data);
    });

    scan.on('error', function(err) {
        // rethrow the error passed to the handler
        throw new Error(err.toString());
    });

    scan.on('done', function() {
        // finished !
    });

    scan.run();
});
command line
evilscan <fqdn|ipv4|cidr> [options]

  --port          port(s) you want to scan, examples:
                  --port=80
                  --port=21,22
                  --port=21,22,23,5900-5902
  --reverse       display DNS reverse lookup
  --reversevalid  only display results having a valid reverse dns, except if
                  ports specified
  --geo           display geoip (free maxmind)
  --banner        display banner
  --bannerlen     set banner length grabing
                  default 512
  --bannerraw     display raw banner (as a JSON Buffer)
  --progress      display progress indicator each seconds
  --status        ports status wanted in results (example --status=OT)
                  T(timeout)
                  R(refused)
                  O(open, default)
                  U(unreachable)
  --scan          scan method
                  tcpconnect (full connect, default)
                  tcpsyn (half opened, not yet implemented)
                  udp (not yet implemented)
  --concurrency   max number of simultaneous socket opened
                  default 500
  --timeout       maximum number of milliseconds before closing the connection
                  default 2000
  --display       display result format (json,xml,console)
                  default console
  --json          shortcut for --display=json
  --xml           shortcut for --display=xml
  --console       shortcut for --display=console
  --help          display help
  --about         display about
  --version       display version number
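The feature list mentions IAC negotiation for telnet, which banner grabbing on port 23 depends on: a telnet server sends option negotiation bytes before any readable text, and they have to be separated from the banner and answered. The following is an added example, not evilscan's own code; it refuses every option in the RFC 854 manner, and the helper name negotiateTelnet and the sample bytes are constructed for illustration.

```javascript
// Added example (not evilscan's code): refuse every telnet option, keep the text.
const IAC = 255, DONT = 254, DO = 253, WONT = 252, WILL = 251, SB = 250, SE = 240;

// Hypothetical helper: splits one received chunk into banner text, the reply
// to send back, and an unparsed tail to prepend to the next chunk.
function negotiateTelnet(chunk) {
  const reply = [];
  const text = [];
  let i = 0;
  while (i < chunk.length) {
    if (chunk[i] !== IAC) { text.push(chunk[i]); i += 1; continue; }
    const cmd = chunk[i + 1];
    if (cmd === undefined) break;                  // lone IAC at end: wait for more data
    if (cmd === IAC) { text.push(IAC); i += 2; continue; } // escaped 0xFF data byte
    if (cmd >= WILL && cmd <= DONT) {              // WILL, WONT, DO, DONT carry an option byte
      const opt = chunk[i + 2];
      if (opt === undefined) break;
      // Refuse offers and requests; stay silent on WONT/DONT to avoid reply loops.
      if (cmd === DO) reply.push(IAC, WONT, opt);
      if (cmd === WILL) reply.push(IAC, DONT, opt);
      i += 3;
      continue;
    }
    if (cmd === SB) {                              // subnegotiation runs until IAC SE
      let j = i + 2;
      while (j + 1 < chunk.length && !(chunk[j] === IAC && chunk[j + 1] === SE)) {
        j += (chunk[j] === IAC && chunk[j + 1] === IAC) ? 2 : 1;
      }
      if (j + 1 >= chunk.length) break;            // unterminated: wait for more data
      i = j + 2;
      continue;
    }
    i += 2;                                        // other two-byte commands (NOP, GA, ...)
  }
  return {
    banner: Buffer.from(text).toString('latin1'),
    reply: Buffer.from(reply),
    rest: chunk.subarray(i),
  };
}

// Constructed sample: three option negotiations followed by a login prompt.
const sample = Buffer.from([IAC, DO, 24, IAC, WILL, 1, IAC, WILL, 3, ...Buffer.from('login: ')]);
console.log(negotiateTelnet(sample));
```

The reply buffer is what a client would write back to the socket; the rest field holds a command cut off at the chunk boundary.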
Tips:
Concurrency and fast scan
By default, concurrency is 100, which is slow when you are scanning a large IP range or a large port range. You can pass a bigger value using the --concurrency option; 1000 is fast, for example. On some Linux systems, only 1024 open sockets are allowed at the same time. To go beyond this limit, you have to update the ulimit parameter of your Linux system first:
ulimit -u unlimited
In all cases, due to #25, you will not be able to scan more than 16580355 ipv4 addresses at the moment.
Pause/unpause
You can pause/unpause a running scan by sending a SIGUSR2 signal. The first time it will pause the process, the second time it will unpause it.
kill -SIGUSR2 19859 # where 19859 is the pid of nodejs process running evilscan